Clarence

Agentic reasoning perfectly augments shortcomings of current industry CVE<->SBOM matching systems. *True prioritization *Smart Grouping *Summary, Fix Proposal, References Bonus: Dashboard! :)

Comment

What it does

Clarence is a multi-agent system that augments industry CVE-SBOM matching tools with real context. Instead of just dumping a list of vulnerabilities, it figures out which ones actually matter, groups related issues intelligently, and explains what’s going on in clean, developer-friendly language - complete with references. The result is a smarter, clearer, more actionable view of your software’s risks, all laid out in a lightweight dashboard.

How we built it

Backend

  • Python
  • Pydantic
  • OSV-scanner
  • Docker

Frontend

  • React
  • TypeScript
  • TailwindCSS
  • Vite

Challenges we ran into

  • T I M E

Accomplishments that we're proud of

It runs ! We didn't think we could do it ! It even has a Dashboard !

What we learned

An intense project planning session is definitely worth the time. Saved us so much trouble compared to last year!

Built With

Share this project:

Updates